Skip to content

Comments

Be sure to differentiate between user and server certificates#21668

Closed
rullzer wants to merge 1 commit intomasterfrom
fix/custome_certificate_handling
Closed

Be sure to differentiate between user and server certificates#21668
rullzer wants to merge 1 commit intomasterfrom
fix/custome_certificate_handling

Conversation

@rullzer
Copy link
Member

@rullzer rullzer commented Jul 3, 2020

If we try to list the certificates there is a difference between a user
and the system. If the user does not have customer certificates but the
server does. Then we should still fetch the customer server bundle

This slightly extends the ICertificateManager. But since it fixes a
perforamnce issue I'm kind of fine with it.

Signed-off-by: Roeland Jago Douma roeland@famdouma.nl

@rullzer
Be sure to differentiate between user and server certificates
3f5c7bf 
If we try to list the certificates there is a difference between a user
and the system. If the user does not have customer certificates but the
server does. Then we should still fetch the customer server bundle

This slightly extends the ICertificateManager. But since it fixes a
perforamnce issue I'm kind of fine with it.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
@rullzer rullzer added bug 3. to review Waiting for reviews labels Jul 3, 2020
@rullzer rullzer added this to the Nextcloud 20 milestone Jul 3, 2020
ChristophWurst
ChristophWurst reviewed Jul 3, 2020
View reviewed changes
lib/public/ICertificateManager.php
* @since 8.0.0
*/
public function listCertificates();
public function listCertificates($uid = '');
Copy link
Member

@ChristophWurst ChristophWurst Jul 3, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
public function listCertificates($uid = '');
public function listCertificates(?string $uid = '');

or

Suggested change
public function listCertificates($uid = '');
public function listCertificates(string $uid = null);

Copy link
Member

@MorrisJobke MorrisJobke Jul 3, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

then it should be the first, because the second one would change the behavior from "return the users list" to "return the global list" ...

what a mess of an API 🙈

Maybe it should be listUserCertificates(string $uid = '') and listGlobalCertificates() to make this visible in the code and not hidden in some magic flags.

Copy link
Member Author

@rullzer rullzer Jul 3, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let me do it this way. I'll revert the original PRs to the maintenance releases. They will then have to do it with slightly less performant code. And we add the new stuff for 20

lib/private/Http/Client/Client.php
}

// If there are server wide customer certifcates use those
if ($this->certificateManager->listCertificates(null) !== []) {
Copy link
Member

@ChristophWurst ChristophWurst Jul 3, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

$uid is be null and not '' -> is that intended?

Copy link
Member Author

@rullzer rullzer Jul 3, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah it is the weird certificate store magic

Copy link
Member

@MorrisJobke MorrisJobke Jul 3, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

null requests the global cert list, '' uses the one of the current user 🙈

@MorrisJobke
Copy link
Member

MorrisJobke commented Jul 5, 2020

See also #21693

@rullzer rullzer closed this Jul 5, 2020
@MorrisJobke MorrisJobke deleted the fix/custome_certificate_handling branch July 5, 2020 20:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ChristophWurst ChristophWurst ChristophWurst left review comments

@nickvergessen nickvergessen Awaiting requested review from nickvergessen

@MorrisJobke MorrisJobke Awaiting requested review from MorrisJobke

@juliusknorr juliusknorr Awaiting requested review from juliusknorr

@kesselb kesselb Awaiting requested review from kesselb

Assignees

No one assigned

Labels

3. to review Waiting for reviews bug

Projects

None yet

Milestone

Nextcloud 20

Development

Successfully merging this pull request may close these issues.

3 participants

@rullzer @MorrisJobke @ChristophWurst